802.1X is a port-based authentication mechanism for networking devices and hosts.
How is it relevant to a layman?
You connect your laptop to a network socket provided by a switch that enforces port-based authentication. The switch doesn't provide connectivity until you authenticate with an "Authentication Server".
So there are three entities here: the Supplicant (you, your PC), the Authenticator (the switch) and the Authentication Server (usually a domain controller, Active Directory, or simply any RADIUS server, where information about all the users of the corporation is stored).
Supplicant:
The supplicant provides the information for authentication: who you are and what secret you know. Usually this is a user name and password.
Microsoft Windows has an 802.1X supplicant.
Authenticator:
The switch has two ports per logical port. Logical, in the sense that each physical port can connect to any number of hosts via a repeater hub, so each host gets its own logical port.
The two ports are:
Uncontrolled port: this port is always open for communication - you can call it the keyhole. The supplicant has to provide the authentication information to the authenticator via this port.
Controlled port: this port is for general data transfer. It is "closed" by default. When the authentication server successfully authenticates a user, the authenticator "opens" the controlled port for that user.
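The controlled/uncontrolled split described above can be modelled in a few lines. This is an added example, not code from the original post: the class and function names, the credential store and the MAC addresses are constructed for illustration, and the real EAP exchange is collapsed into a single user name and password message.

```python
# Added illustration; all names here are hypothetical.
EAPOL_ETHERTYPE = 0x888E  # EtherType used by 802.1X for EAP over LAN

# Constructed credential store standing in for the RADIUS / directory server.
USERS = {"alice": "correct-horse"}

def auth_server_check(user, secret):
    """Authentication server: decide whether the credentials are valid."""
    return USERS.get(user) == secret

class Authenticator:
    """Switch side: one logical port per host MAC behind a physical port."""
    def __init__(self, check):
        self.check = check
        self.authorized = set()  # MACs whose controlled port is open

    def receive(self, src_mac, ethertype, payload=None):
        if ethertype == EAPOL_ETHERTYPE:
            # Uncontrolled port: always accepts authentication traffic.
            user, secret = payload
            if self.check(user, secret):
                self.authorized.add(src_mac)
                return "auth-success"
            self.authorized.discard(src_mac)
            return "auth-failure"
        # Controlled port: closed by default, open only after success.
        return "forwarded" if src_mac in self.authorized else "dropped"

    def link_down(self, src_mac):
        """Host unplugged: close its controlled port again."""
        self.authorized.discard(src_mac)

def demo():
    sw = Authenticator(auth_server_check)
    # Two constructed hosts sharing one physical port through a hub.
    a, b = "00:11:22:33:44:55", "66:77:88:99:aa:bb"
    out = [sw.receive(a, 0x0800)]  # IPv4 data before authentication
    out.append(sw.receive(a, EAPOL_ETHERTYPE, ("alice", "correct-horse")))
    out.append(sw.receive(a, 0x0800))  # same host after success
    out.append(sw.receive(b, 0x0800))  # other host is still blocked
    out.append(sw.receive(b, EAPOL_ETHERTYPE, ("alice", "wrong")))
    sw.link_down(a)
    out.append(sw.receive(a, 0x0800))  # port closes again on unplug
    return out
```

Host `b` stays blocked even though host `a` on the same physical port has authenticated, which is the reason the authenticator tracks a logical port per host.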
Friday, July 18, 2008